South Korea's Tax Agency Accidentally Published Seed Phrases, Losing $4.8M in Tokens

South Korea's National Tax Service (NTS) made a critical blunder while handling seized crypto assets — the agency publicly disclosed seed phrases for three wallets in an official press release. An unknown individual exploited the leak and drained 4 million PRTG (Pre-Retogeum) tokens worth approximately $4.8 million, according to local media reports.

How the Leak Happened

The tax agency published a press release featuring a photograph of confiscated Ledger hardware wallets alongside paper backups containing the corresponding mnemonic phrases.

Jaewoo Cho, an associate professor at Hansung University's Blockchain Research Center, explained that the attacker used the published data to transfer the assets to their own Ethereum address. According to Cho, publishing mnemonic phrases in a public press release is effectively an open invitation to steal the funds. He added that the tax authorities' fundamental lack of understanding of virtual assets prevented the recovery of billions of won in state funds.

Why This Matters

The incident exposes a systemic vulnerability: South Korean government agencies have repeatedly failed to properly secure confiscated crypto assets. This marks the third such incident within recent months involving the loss or theft of seized digital currencies in the country.

The case raises serious questions about the competence of agencies tasked with managing seized crypto holdings and could accelerate the adoption of stricter security protocols at the state level.

What We Know About PRTG

According to CoinGecko data, the price of PRTG actually rose from $1.2 to $1.23 over the past 24 hours. The analytics platform lists no data on market supply or capitalization for the token. The sole trading venue is the MEXC exchange, with a 24-hour trading volume of just $338.

One online commenter noted that the wallet which accumulated the stolen tokens had previously received funds from the Bithumb, Bittrex, and Korbit exchanges. Verification data from these platforms could potentially help identify the perpetrator.

«0xc28651F91B129138AE6d75F4c00C97bCA9486c12이 지갑주소 빗썸에서 돈받은내역있는 지갑이네요 ㄷㄷ» — zin (@periagoge1), original post

A Pattern of Crypto Custody Failures in South Korea

In January, prosecutors in Gwangju District launched an investigation into the disappearance of $47.7 million worth of Bitcoin. The loss was discovered during a routine audit of confiscated assets. In February, the hacker voluntarily returned all 320.8 BTC after failing to move the funds, which law enforcement had blocked on an unnamed centralized exchange.

Also in February, authorities opened a separate investigation into the disappearance of 22 BTC seized back in 2021. The coins had been stored in a cold wallet at the Gangnam police station in Seoul. The loss came to light during a nationwide audit of seized digital asset storage — an initiative triggered by the Gwangju prosecution office incident.

Earlier, South Korea's financial regulator also opened an investigation into the Bithumb exchange over the erroneous crediting of 620,000 BTC to users.